Software Update: GnuPG 2.2.20

Version 2.2.20 of GnuPG has been released. GnuPG stands for GNU Privacy Guard and is also often abbreviated to GPG. This is a collection of tools for securing communication flows and data. It can be used to encrypt data and create digital signatures, and to provide a framework for public key cryptography. It supports both OpenPGP and s/mime standards. For more information, please refer to this page. The main changes made in this release are listed below.

Noteworthy changes in version 2.2.20

  • Protect the error counter against overflow to guarantee that the tools can’t be tricked into returning success after an error.
  • gpg: Make really sure that –verify-files always returns an error.
  • gpg: Fix key listing –with-secret if a pattern is given. [#4061]
  • gpg: Fix detection of certain keys used as default-key. [#4810]
  • gpg: Fix default-key selection when a card is available. [#4850]
  • gpg: Fix key expiration and key usage for keys created with a creation date of zero. [#4670]
  • gpgsm: Fix import of some CR,LF terminated certificates. [#4847]
  • gpg: New options –include-key-block and –auto-key-import to allow encrypted replies after an initial signed message. [#4856]
  • gpg: Allow the use of a fingerprint with –trusted-key. [#4855]
  • gpg: New property “fpr” for use by –export-filter.
  • scdaemon: Disable the pinpad if a KDF DO is used. [#4832]
  • dirmngr: Improve finding OCSP certificates. [#4536]
  • Avoid build problems with LTO or gcc-10. [#4831]

Version number 2.2.20
Release status Final
Operating systems Windows 7, Linux, macOS, Windows Vista, Windows 8, Windows 10
Website GnuPG
License type GPL